Skip to main content

At Microsoft, our mission is to empower every person and every organization on the planet to achieve more. Our mission is grounded in both the world in which we live and the future we strive to create. Today, we live in a mobile-first, cloud-first world, and the transformation we are driving across our businesses is designed to enable Microsoft and our customers to thrive in this world.

We do business in 170 countries and are made up of 114,000 passionate employees dedicated to fulfilling our mission of helping you and your organization achieve more.

Detailed information about Entrust and Microsoft strategic partnership, including technical documentation and information on integrations can be found here in Entrust PKI, Entrust Identity, and Entrust BYOK.

Entrust is an official member of the Microsoft Intelligent Security Association.

Solution Description

Bringing the Entrust portfolio of trusted identity solutions to Microsoft customers enables secure connections between people, systems, and devices to streamline IT deployment, mitigate risk, and reduce fraud. Together, we enable even higher levels of growth and innovation. Entrust is an official member of the Microsoft Intelligent Security Association.

Entrust nShield HSMs safeguard the certificate issuance, management, and validation processes for organizations looking to extend the security of Microsoft Active Directory Certificate Services (AD CS) PKI. Using nShield hardware security modules (HSMs), all key generation and certificate signing operations are executed within the tamper-resistant confines of the module. Private keys are securely stored and never accessible outside the HSM. Microsoft published guidance on securing PKI:

  • “Protecting CA Keys and Critical Artifacts” states that using an HSM is one of the strongest controls one can implement to provide strong protection of CA and other high-value keys.

Entrust nShield HSMs create tight controls around the management and the keys used to protect sensitive data at rest and in use across Azure-based on-premises and client applications. Microsoft Azure Key Vault safeguards the critical cryptographic keys used in the cloud to keep data secured. Used with Microsoft Azure Information Protection (AIP), the data exchanged within collaborative work environments is protected by embedding enforceable security policies right on the data assets, regardless of the data type.

Entrust key management for Microsoft SQL Server extends and enhances security by providing protection and lifecycle management for database encryption keys. Entrust nShield HSMs utilize Microsoft’s Extensible Key Management (EKM) interface to support transparent data encryption (TDE) and cell-level encryption modes for protection and consolidation of database application keys. This provides high assurance key archival for long-term data access and facilitates periodic rotation of encryption keys as required by regulations such as PCI DSS.

In addition to the resources below, several detailed integration guides are available for Entrust-Microsoft solutions. Please visit our Document Library for a full listing.

Entrust Ready Technology Partner Program
Technology

Solutions

  • Cloud/DevOps
  • PKI, Key & Certificate Management, IoT
  • Identity and Access Management (IAM)
Featured Video: nShield Integration with Microsoft AD FS
Integration Video: nShield Database Security Option Pack Integration with Microsoft SQL Server
Integration Video: nShield Timestamp Option Pack for Document Signing Integration with Microsoft 365
Integration Video: nShield Integration with Microsoft AD CS and OSCP
How to: Entrust nShield HSM Integration with Microsoft Authenticode

Documentation

Integration Guide: Microsoft AD CS and OCSP nShield HSM for Microsoft Windows Server
Integration Guide: Microsoft AD CS OCSP nShield HSM
Integration Guide: Microsoft SQL Server 2019 Always Encrypted nShield HSM
Integration Guide: Bring Your Own Key for Microsoft Azure Key Vault nShield HSM
Integration Guide: Microsoft AD Federation Service nShield HSM
Integration Guide: Microsoft Host Guardian Service and Shielded Virtual Machines nShield HSM for Windows Server 2019 and Admin Attestation
Integration Guide: Bring Your Own Key for Microsoft Azure Key Vault - Entrust KeyControl BYOK
Integration Guide: Microsoft Authenticode - nShield HSM
Integration Guide: Microsoft IIS nShield HSM
Integration Guide: Microsoft AD CS and NDES nShield HSM for Microsoft Windows Server
Integration Guide: nShield Database Security Option Pack Integration with Microsoft SQL Server
Integration Guide: Time Stamp Option Pack nShield HSM for Microsoft 365
Integration Guide: Entrust KeyControl Integration with Microsoft SQL Server
Integration Guide: Microsoft IIS 2019 - nShield HSM
Solution Brief: Entrust Database Encryption Solution for Microsoft SQL Server
Solution Brief: Protect Sensitive Data at Rest and in Use Across on-Premises and Azure-Based Client Applications
Solution Brief: Enhanced security: for Microsoft active directory certificate services
Solution Brief: Secure Certificate Registration: Entrust High Assurance for Microsoft NDES
Solution Brief: Hold Your Own Key for High Assurance Key Management
Solution Brief: Entrust Bring Your Own Key for High Assurance Key Management
Solution Brief: Entrust Enhances Security of VMs Deployed Within Microsoft Windows Server 2016

Talk to an expert

Our experts will contact you to discuss how our partnerships and solutions can meet your needs.

Entrust Enters Exclusive Discussions to Acquire Onfido
Close